Disclaimer: if you are looking for a strictly technical article, the ones I usually write, you will be disappointed. This blogpost is mainly my two cents on the way we, cybersecurity professionals, usually deal with situations, organizations and people, both techies and non-techies.
[Read More]
Welcome to my blog! My name is last and here I write about my learning journey through the wonderful (and sometimes scary) world of cyber security. Feel free to stick around, nothing here is really too complex to understand (if I learnt it, you surely can too). If you want to contact me, head to the about me page where you will find my e-mail address and Twitter profile. Anyway, check out my blog posts down here.
dnscat(how)2
Quick primer on how to setup and use dnscat2
dnscat2 uses a client server architecture to tunnel traffic via UDP and/or DNS queries. It can be used to bypass firewalls and execute commands on the machine running the client. It can also be used to to tunnel traffic from the server to the internal network of the client through...
[Read More]
Offensive Operations in Active Directory #1
Scatter the (h)ashes...
Greetings fellow hackers! Last here, today we will take a look at a well known technique used by attackers in AD environments, the infamous overpass-the-hash.
[Read More]
Offensive Operations in Active Directory #0
Taming Kerberos and making it our loyal companion
To my good friend Vito and to the league of evil men.
Let’s do some black wizardry, shall we?
[Read More]
Tactical Debriefing - Offshore
Lessons learned by pwning the Offshore pro lab by HTB
Greetings everyone, last is back! So, on the 28th of September I played the RomHack CTF with my fellow mates from JBZ and we arrived third, thanks to a flag submitted at the last second (a typical CTF tactic to make the other teams relax and then pwn them at...
[Read More]